Collaborate Disseminate
It is very common to see cybercriminals exploit vulnerabilities in blogging software such as WordPress and Joomla! for injecting their malicious code. In my research, I decided to investigate this further and see what the current threat landscape looks like by researching the most visited blogs in Sweden. Continue reading The cybercrime ecosystem: attacking blogs
Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites. Continue reading Website, Know Thyself: What Code Are You Serving?
Code injection, also called Remote Code Execution (RCE), occurs when an attacker exploits an input validation flaw in software to introduce and execute malicious code. Code is injected in the language of the targeted application and executed by the ser… Continue reading What is Code Injection and How to Avoid It
The group is using the More_eggs JScript backdoor to anchor its attack. Continue reading FIN6 Switches Up PoS Tactics to Target E-Commerce
An open letter from the OpenID Foundation says that Apple introduced potential risks when it diverged from the OpenID Connect protocol. Continue reading Privacy and security risks as Sign In with Apple tweaks Open ID protocol
In May 2018, we discovered a campaign targeting dozens of mobile Android devices belonging to Israeli citizens. We decided to call the operation “ViceLeaker”, because of strings and variables in its code. Continue reading ViceLeaker Operation: mobile espionage targeting Middle East
For the past year, hackers—some of them associated with the MageCart online skimming group—have broken into high-profile online stores by exploiting a previously unknown vulnerability in a web-based database management tool. The vulnerability is locat… Continue reading Government, E-commerce Sites Hacked Through Database Tool
Researchers think an organized crime gang is running the massive campaigns, prepping for large-scale follow-on attacks on Android users. Continue reading ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse
Despite fewer plugins being added to Wordpress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018. Continue reading ThreatList: WordPress Vulnerabilities Tripled in 2018
The spam campaign mostly targets victims in Turkey and Germany. Continue reading Adwind RAT Scurries By AV Software With New DDE Variant